The millions of users of iPhone and iPad have been warned by the United States government on Thursday to be on high alert for hackers who may try to exploit a vulnerable spot in the operating system of Apple Inc’s iOS.
These hackers may be able to steal sensitive data from you if left without checking.
A newly identified technique called the “Masque Attack” had been giving ways and potential for hacks and according to the government. The announcement was said in an online bulletin from the National Cybersecurity and Communications Integration Center and the U.S. Computer Emergency Readiness Teams.
The vulnerability behind the mysterious “Masque Attack” was disclosed by a network security company called FireEye Inc earlier this week. FireEye Inc stated that the exploitation occurred in order to launch a campaign, which is now dubbed as “WireLurker” so that more attacks could follow the first waves.
The bug enables the hackers to steal off data via tainted messages, emails and weblinks that could replace real apps with malicious versions of such though it can be loaded only when users choose to install apps from outside the Apple App Store.
Once it has taken a users’ phone victim, hackers can potentially steal login credentials and access the sensitive data which are stored on the iOS devices. The government added that these hackers can also monitor activity on those devices remotely.
However, this attack requires the users to install an ‘untrusted’ app and such attacks could be avoided if iPad and iPhone users use only installed apps from Apple’s App Store or from their own organizations.
If pop-ups appear when surfing the web, users are advised not to click any “Install” buttons. If iOS flashes a warning on the screen that says that the app comes from an “Untrusted App Developer”, then, users should click on “Don’t Trust” according to the bulletin. This app should immediately be uninstalled.
Comments, however, could not be given immediately as representatives of Apple could not be reached.